Re: AUDIT of 2.5.15 copy_to/from_user

From: Rusty Russell (rusty@rustcorp.com.au)
Date: Sun May 19 2002 - 20:38:32 EST

Next message: Andre Hedrick: "Re: [PATCH] IDE PIO write Fix #2"
Previous message: Linus Torvalds: "Re: Linux-2.5.16"
In reply to: Alan Cox: "Re: AUDIT of 2.5.15 copy_to/from_user"
Next in thread: Alan Cox: "Re: AUDIT of 2.5.15 copy_to/from_user"
Reply: Alan Cox: "Re: AUDIT of 2.5.15 copy_to/from_user"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <E179P70-0003dg-00@the-village.bc.nu> you write:
> Looking at 2.4.1x which has the same signal code
>
> > arch/i386/kernel/signal.c:37: return __copy_to_user(to, from,
sizeof(siginfo_t));
>
> not a bug

Disagree. May not cause problems at the moment, but a function which
does:

        if (!access_ok (VERIFY_WRITE, to, sizeof(siginfo_t)))
                return -EFAULT;
        if (from->si_code < 0)
                return __copy_to_user(to, from, sizeof(siginfo_t));

Is clearly wrong,
Rusty.

--
  Anyone who quotes me in their sig is an idiot. -- Rusty Russell.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Andre Hedrick: "Re: [PATCH] IDE PIO write Fix #2"
Previous message: Linus Torvalds: "Re: Linux-2.5.16"
In reply to: Alan Cox: "Re: AUDIT of 2.5.15 copy_to/from_user"
Next in thread: Alan Cox: "Re: AUDIT of 2.5.15 copy_to/from_user"
Reply: Alan Cox: "Re: AUDIT of 2.5.15 copy_to/from_user"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu May 23 2002 - 22:00:18 EST